Delete namespaces
Denial of Service
High
Overview
| Field | Value |
|---|---|
| ID | 1026 |
| Name | Delete namespaces |
| Risk Category | Denial of Service |
| Risk Level | High |
| Role Type | ClusterRole |
| API Groups | core |
| Resources | namespaces |
| Risky Verb Combinations | [delete] |
| Tags | DenialOfService NamespaceLifecycle ResourceDeletion |
Description
Permits deleting entire namespaces from the cluster. This is a destructive action that can lead to a significant denial of service by removing all resources, applications, and configurations within the targeted namespaces.
Abuse Scenarios
- Delete a specific namespace and all its resources.
kubectl delete namespace <namespace-name>
# Example: kubectl delete namespace production